Total
2323 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-4007 | 2026-03-12 | 9.0 HIGH | 8.8 HIGH | ||
| A vulnerability was detected in Tenda W3 1.0.0.3(2204). This vulnerability affects unknown code of the file /goform/wifiSSIDget of the component POST Parameter Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit is now public and may be used. | |||||
| CVE-2026-3975 | 2026-03-12 | 9.0 HIGH | 8.8 HIGH | ||
| A security flaw has been discovered in Tenda W3 1.0.0.3(2204). This issue affects the function formWifiMacFilterGet of the file /goform/WifiMacFilterGet of the component POST Parameter Handler. Performing a manipulation of the argument wl_radio results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks. | |||||
| CVE-2026-3973 | 2026-03-12 | 9.0 HIGH | 8.8 HIGH | ||
| A vulnerability was determined in Tenda W3 1.0.0.3(2204). This affects the function formSetAutoPing of the file /goform/setAutoPing of the component POST Parameter Handler. This manipulation of the argument ping1/ping2 causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2026-4008 | 2026-03-12 | 9.0 HIGH | 8.8 HIGH | ||
| A flaw has been found in Tenda W3 1.0.0.3(2204). This issue affects some unknown processing of the file /goform/wifiSSIDset of the component POST Parameter Handler. Executing a manipulation of the argument index/GO can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used. | |||||
| CVE-2026-24640 | 1 Fortinet | 1 Fortiweb | 2026-03-12 | N/A | 6.6 MEDIUM |
| A Stack-based Buffer Overflow vulnerability [CWE-121] vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0.2 through 7.0.12 may allow a remote authenticated attacker who can bypass stack protection and ASLR to execute arbitrary code or commands via crafted HTTP requests. | |||||
| CVE-2026-30897 | 1 Fortinet | 1 Fortiweb | 2026-03-12 | N/A | 6.6 MEDIUM |
| A stack-based buffer overflow vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow a remote authenticated attacker who can bypass stack protection and ASLR to execute arbitrary code or commands via crafted HTTP requests. | |||||
| CVE-2026-28494 | 1 Imagemagick | 1 Imagemagick | 2026-03-12 | N/A | 7.1 HIGH |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a stack buffer overflow exists in ImageMagick's morphology kernel parsing functions. User-controlled kernel strings exceeding a buffer are copied into fixed-size stack buffers via memcpy without bounds checking, resulting in stack corruption. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41. | |||||
| CVE-2026-27821 | 1 Gpac | 1 Gpac | 2026-03-11 | N/A | 7.8 HIGH |
| GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs during NHML file parsing in `src/filters/dmx_nhml.c`. The value of the xmlHeaderEnd XML attribute is copied from att->value into szXmlHeaderEnd[1000] using strcpy() without any length validation. If the input exceeds 1000 bytes, it overwrites beyond the stack buffer boundary. Commit 9bd7137fded2db40de61a2cf3045812c8741ec52 patches the issue. | |||||
| CVE-2025-70238 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-11 | N/A | 7.5 HIGH |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWAN_Wizard52. | |||||
| CVE-2025-70243 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-11 | N/A | 7.5 HIGH |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWAN_Wizard534. | |||||
| CVE-2025-70250 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-11 | N/A | 7.5 HIGH |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formdumpeasysetup. | |||||
| CVE-2025-70244 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-11 | N/A | 7.5 HIGH |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the webPage parameter to goform/formWlanSetup. | |||||
| CVE-2026-28690 | 1 Imagemagick | 1 Imagemagick | 2026-03-11 | N/A | 6.9 MEDIUM |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a stack buffer overflow vulnerability exists in the MNG encoder. There is a bounds checks missing that could corrupting the stack with attacker-controlled data. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41. | |||||
| CVE-2026-27267 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2026-03-11 | N/A | 7.8 HIGH |
| Illustrator versions 29.8.4, 30.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-70227 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-11 | N/A | 7.5 HIGH |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the nextPage parameter to goform/formLanguageChange. | |||||
| CVE-2025-70242 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-11 | N/A | 7.5 HIGH |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the webPage parameter to goform/formSetWanPPTP. | |||||
| CVE-2025-70246 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-11 | N/A | 7.5 HIGH |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formVirtualServ. | |||||
| CVE-2025-70247 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-11 | N/A | 7.5 HIGH |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWizard1. | |||||
| CVE-2025-70249 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-11 | N/A | 7.5 HIGH |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWizard2. | |||||
| CVE-2025-70251 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-11 | N/A | 7.5 HIGH |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the webPage parameter to goform/formWlanGuestSetup. | |||||